When I decided to self-publish Docker and Kubernetes Security in early 2025, I never imagined the incredible support from the community that would follow. From Docker Captains to industry leaders, the book has received heartfelt forewords and glowing reviews that have truly humbled me.
The book wouldn't have seen the light of day without the overwhelming support from the community, and I want to take a moment to share some of the voices that have made this journey so special. What comes next is a collection of forewords and praise from industry experts who have taken the time to read and review the book. You can also find these on the published book itself.
Finalist for Best DevOps Book of the Year 2025
I am incredibly honored to share that Docker and Kubernetes Security was selected as a finalist for the Best DevOps Book of the Year at the DevOps Dozen 2025 awards.
The DevOps Dozen awards recognize the most impactful contributions to the DevOps ecosystem, and being part of this list is a huge milestone for the book. I want to take a moment to celebrate the other finalists in this category, as each of these works represents a significant contribution to our field:
- Progressive Delivery by James Governor, Kim Harrison, Heidi Waterhouse, and Adam Zimman
- The Phoenix Project Graphic Novel Volume 2 by Gene Kim and Mike Collins
- Intelligent Continuous Security by Marc Hornbeek
- The Cybernetic Enterprise by Romano Roth
- Argo CD Best Practices by Kostis Kapelonis
- DevEx as a Service by Matthew Casperson
Congratulations to all the authors and teams—it's an honor to be in such esteemed company!
Foreword by Liran Tal
Mohammad doesn't just present theory; he provides a practical, hands-on roadmap.
Developers and infrastructure engineers are increasingly expected to be proficient in both building and securing applications. However, knowing where to start can be a significant challenge. In my experience, many professionals find themselves overwhelmed by the sheer volume of resources available online, often leading to confusion and uncertainty about best practices. Even more so, navigating the complexities of Docker, Kubernetes, and the myriad of security challenges can be a daunting task. As a peer of Mohammad in the DevOps and DevSecOps community, I've witnessed firsthand his commitment to demystifying this critical domain, and this book is a testament to that passion.
This is precisely where this work excels. Mohammad doesn't just present theory; he provides a practical, hands-on roadmap. Your container security journey will begin with a solid grounding in Docker, making the content accessible to newcomers, before expanding to map out the entire cloud-native landscape. The true power of this book lies in its actionable security guidance. You’ll find DevSecOps-ready recipes for integrating security scanning into your CI pipelines, mastering reporting standards from SARIF to SBOMs, and implementing the best practices that are non-negotiable for any modern security organization, from signing images to securely managing secrets in Kubernetes.
As a Docker Captain, Mohammad is more than just a participant in this ecosystem; he is a steward. His deep understanding of the cloud-native attack surface is evident on every page, equipping readers not just with "how-to" knowledge, but with the critical "why" behind securing every link in the supply chain. This book is an essential resource for anyone serious about building and deploying secure applications, and I am confident it will empower you to navigate the complexities of modern software security with clarity and confidence.
—Liran Tal, September 2025
Foreword by Hamida Rebai
What distinguishes this book is that it is extremely hands-on. It provides a step-by-step guide, providing users with real-world recipes and best practices...
In today's fast-changing world of software development, containers have sparked a big change. They allow companies to create, build, and deploy apps faster than ever before. Docker and Kubernetes are leading this shift, becoming key tools in modern software creation. But while these technologies offer many advantages, they also bring new security issues that must be addressed to keep our systems and data secure.
This book is your essential guide to navigating the complexities of container security, with a focus on mastering the protection of Docker and Kubernetes environments. It gives readers the know-how and practical skills needed to ensure the security of their containerized applications and infrastructure. The book covers everything from detecting vulnerabilities in Docker images to mastering the complexities of Kubernetes security.
If you’re a developer on a DevOps team or working in security, this book gives you the information and tools you need to secure Docker containers and Kubernetes clusters. Each chapter provides practical steps, from identifying and fixing vulnerabilities in Docker images to implementing advanced security measures in orchestrated environments, that you can immediately implement in your work.
We start with a deep dive into container security tools and how to find and fix vulnerabilities in Docker images. Then we cover supply chain security, secure Docker image building, and integrating security into CI/CD pipelines. As you go through the book you’ll learn to secure Docker containers on Kubernetes, manage Kubernetes cluster security, and implement robust logging, monitoring, and auditing to have full observability of your environments.
In the upcoming chapters, you’ll learn how to design an application architecture that’s secure, resilient, and scalable, with Dockerized applications. And the final chapter looks far into the future, exploring emerging trends in Docker and Kubernetes security including shift-left security, serverless containers and the growing role of DevSecOps. By the end, you’ll be prepared to embrace the future of security and keep ahead of changes so you can remain an expert in your field.
What distinguishes this book is that it is extremely hands-on. It provides a step-by-step guide, providing users with real-world recipes and best practices to achieve actual implementation. The chapters on logging, monitoring, and auditing are essential to address security breaches as they track the behavior of a system when issues arise.
The rapid rise of containerized applications as the major component of next-generation infrastructure at enterprises is simply leading to a higher engagement and importance of securing those containerized environments. The expansive ecosystem of real-world threats, the moment that you begin working on next-generation infrastructure, requires the knowledge and the core components that this book delivers: a collection of useful strategies, techniques, best practices, and open-source security tools that will help you design, implement, deploy and constantly manage secure containerized applications within Docker containers and Kubernetes clusters.
Therefore, please keep in mind that security is not a task performed once; it is more like a state of vigilance and continuous improvement. The knowledge you gain from this book will help you with today’s challenges and future threats.
Enjoy and good luck with securing Docker and Kubernetes.
—Hamida Rebai Trabelsi, August 2024
Praise for the Book
"The Container Security Book You Need!"
This book is an absolute masterclass that cuts through the complexity of cloud-native security. It covers everything from building trusted Docker images to locking down Kubernetes with RBAC, Network Policies, and advanced Runtime Defense.
It's clear, practical, and immediately actionable. No more guesswork, just a proven roadmap to secure container deployment.
If you want to become an expert in Docker's deployment and truly secure your cloud-native workloads, this book is for you!
—Francesco Corti, Product Manager at Docker Inc.
"A practical, must‑read guide that equips you with immediate skills for securing Docker and Kubernetes."
—Pradumna Saraf, Docker Captain and Open Source Contributor
"The New Docker and Kubernetes Security Standard Reference!"
I know I will carry this book to work for the next few years and I dare to say that, with regard to Docker and Kubernetes security, this work deserves to become the standard reference.
—Clemens Scholz, Senior Platform Engineer at Endress+Hauser Group
"Easy to follow for beginners"
Beginners will find this book easy to follow, with plenty of hands-on content to get started with Docker and Kubernetes.
—Harpal Dhillon, Senior Vice President / Container Security at Citi
About the Book
Docker and Kubernetes Security takes you from the fundamentals of containerization to advanced hardening, CI/CD integration, and runtime observability. Whether you are a developer, DevOps engineer, or security professional, this book provides the tactical knowledge needed to stay ahead of modern threats.
Ready to start your journey?
- Read the first two chapters for free
- Get your copy on Amazon
- Download the PDF + ePub version: Use the code AHOYCAPTAIN for 50% off the PDF + ePub bundle.
